Google has now published a major security update for its Chrome browser, which is available for macOS, Windows, and Linux. This update is intended to address CVE-2023-6345, a zero-day vulnerability that has been proven to be actively exploited in the wild. This flaw may allow attackers to take control of compromised devices. Google has recommended all Chrome users to upgrade their browsers as soon as possible.
Google has not released any further information on the CVE-2023-6345 attack, which was discovered last week by Google’s Threat Analysis Group (TAG). This prudence is widespread among IT firms, as precise information might possibly enable attackers to exploit insecure Chrome setups. According to Android Central, the length of active exploitation prior to discovery is unclear.
Read More: Icons of India – Chanderi feat. Hyundai Venue N Line
What is the danger?
CVE-2023-6345, on the other hand, is an integer overflow vulnerability affecting Skia, the open-source 2D graphics library incorporated into the Chrome graphics engine. According to the macOS update notes (version 119.0.6045.199), the vulnerability allowed at least one attacker to possibly execute a sandbox escape via a malicious file. A sandbox escape is a serious concern since it can result in arbitrary code execution and data theft, jeopardizing the security of the Chrome browser and the user’s sensitive data.
CVE-2023-6345 presents substantial risk consequences if exploited. Unauthorized access to sensitive user data might arise from successful attacks, potentially leading to data modification and other cyber dangers.
How to Keep Safe
Because the details of the exploit are unknown, users are recommended to treat this security update as urgently as possible in order to avoid any dangers related with the vulnerability. Google has already published a patch to address the vulnerability, and users are encouraged to upgrade their browsers. “The Stable channel is now updated to 119.0.6045.199 for Mac and Linux and 119.0.6045.199/.200 for Windows, which will be roll out over the coming days/weeks,”reads the official blog.
Users who have enabled automatic updates in their Chrome browsers do not need to take any urgent action. Chrome will automatically upgrade to the most recent version, which includes the necessary security patch. Users who have deactivated automatic updates or who want emergency protection are strongly recommended to manually begin an upgrade. The suggested macOS version is 119.0.6045.199.
Google Chrome should be updated.
Follow these procedures to manually update Google Chrome:
Navigate to Chrome’s settings.
Select the “About Chrome” tab.
Find and select the “Update Google Chrome” option.
If the update option is not accessible, it means that the browser is already up to date.
Google has also informed consumers that the remedy would be applied gradually over the next few days or weeks. Because of the gradual distribution, the update may not be instantly available to all users at the time of writing. Nonetheless, considering the possible dangers posed by CVE-2023-6345, users are strongly advised to be vigilant and download the update as soon as it becomes available in order to secure their surfing experience.
